01. Which method is used by a Cisco XDR solution to prioritize actions?
a) Updating antivirus signatures
b) Monitoring endpoint activity
c) Leveraging AI and machine learning
d) Analyzing network traffic patterns
02. An organization is distributed across several sites. Each site is connected to the main HQ using site-to-site VPNs implemented using Secure Firewall Threat Defense. Which functionality must be implemented if the security manager wants to send SaaS traffic directly to the internet?
a) ECMP routing
b) IPsec tunnels
c) Multi-instances
d) Policy-based routing
03. What helps prevent drive-by compromise?
a) Ad blockers
b) VPN
c) Incognito browsing
d) Browsing known websites
04. According to Cisco Security Reference Architecture, which solution provides threat intelligence and malware analytics?
a) Cisco pxGrid
b) Cisco XDR
c) Cisco Talos
d) Cisco Umbrella
05. Which concept is used in the Cisco SAFE key reference model?
a) Secure Domains
b) Cloud Edge
c) Security Intelligence
d) Threat Defense
06. What does the Cisco Telemetry Broker provide for telemetry data?
a) Data analytics
b) Data mining
c) Data filtering
d) Data brokering
07. Which SAFE component logically arranges the security capabilities into blueprints?
a) Reference Architectures
b) Cisco Validated Designs
c) Places in the Network
d) Secure Domains
08. A recent InfraGard news release indicates the need to establish a risk ranking for all on-premises and cloud services. The ACME Corporation already performs risk assessments for on-premises services and has applied a risk ranking to them. However, the cloud services that were used lack risk rankings.
What Cisco Umbrella function should be used to meet the requirement?
a) Secure Internet Gateway
b) Domain Name Server Filtering
c) URL Categorization by Talos
d) App Discovery
09. Which types of algorithms does a web application firewall use for zero-day DDoS protection?
a) Reactive and heuristic-based
b) Adaptive and behavioral-based
c) Correlative and feedback-based
d) Stochastic and event-based
10. An engineer configures trusted endpoints with Active Directory with Device Health to determine if an endpoint complies with the policy posture. After a week, an alert is received by one user, reporting problems accessing an application. When the engineer verifies the authentication report, this error is found:
"Endpoint is not trusted because Cisco Secure Endpoint check failed, Check user's endpoint in Cisco Secure Endpoint."
Which action must the engineer take to permit access to the application again?
a) Verify the Cisco Secure Endpoint admin panel and approve the access to the user on the Management tab after a complete virus check of the user's laptop.
b) Verify the Trusted Endpoints policy to verify the status of the machine, and after a complete process of analysis, permit the machine to have access to the application.
c) Verify the Duo admin panel, check the Endpoints tab, verify the status of the machine, and after a complete process of analysis, mark the computer as Resolved to permit the user to authenticate again.
d) Verify the Cisco Secure Endpoint admin panel, check the Inbox tab, verify the status of the machine, and after a complete process of analysis, mark the computer as Resolved to permit the user to authenticate again.